pwn 0.5.428 → 0.5.430

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cb4a896d76b2eff5600f7e7464227b6223a4287e4cd4e6fba7a60df29d40bc64
-  data.tar.gz: 93dbd97045e6ac60c4a46446bb8c681629ab462186092657e4f75bdb975eb7c9
+  metadata.gz: eecc95f7ab850f845600203b3fed19bb77d5d3737233a7f7f98df09b84154737
+  data.tar.gz: d838e72b716e9fc50e604a95600f1c9e43db9a42772e76073adc2f4cd673e96b
 SHA512:
-  metadata.gz: 50aaa55f8d403788d10610c52a877bc99494678c0606b9d83fcdf623470faae899bfa6e095e0de4114832575184308d5a9303d0b5f1f15d0038f3e13b5c9e1b1
-  data.tar.gz: fdc901980719c87ac59a14e247f352074271ed8b43572bdbd446462fb621e772db5cb065c117c07b55c68caee5bd559094e536c5316c958af8fcab1f5f7ad602
+  metadata.gz: 81dea57ae53b6401b7b5fa2784d5dc64e8b2a311ad1fc89c20c18e1024739ed66502db92be54ece95695df3b7a3fb25bbacd3aa311ac69d71bf5c2f4b23496c6
+  data.tar.gz: 071b3ac7ac65e4f282e3f59d223ec4c68c2f9b61b62442e613b4aa347ed6ab836cca10eafee0a148b79446c2adaf3e1a5bf60107b4871165d04d3017ef7b2fb3

data/Gemfile

@@ -46,7 +46,7 @@ gem 'jsonpath', '1.1.5'
 gem 'json_schemer', '2.4.0'
 gem 'jwt', '3.1.2'
 gem 'libusb', '0.7.2'
-gem 'luhn', '1.0.2'
+gem 'luhn', '2.0.0'
 gem 'mail', '2.8.1'
 gem 'meshtastic', '0.0.126'
 gem 'metasm', '1.0.5'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.428]:001 >>> PWN.help
+pwn[v0.5.430]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.428]:001 >>> PWN.help
+pwn[v0.5.430]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.428]:001 >>> PWN.help
+pwn[v0.5.430]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/bin/pwn

@@ -10,12 +10,12 @@ OptionParser.new do |options|
     #{File.basename($PROGRAM_NAME)} [opts]
   "
 
-  options.on('-cPATH', '--yaml-config=PATH', '<Optional - PWN YAML File>') do |p|
-    opts[:yaml_config_path] = p
+  options.on('-YPATH', '--pwn-config=PATH', '<Optional - PWN YAML File>') do |p|
+    opts[:pwn_config_path] = p
   end
 
-  options.on('-dPATH', '--yaml-decryptor=PATH', '<Optional - Out-of-Band YAML File with :key && :iv>') do |d|
-    opts[:yaml_decryptor_path] = d
+  options.on('-ZPATH', '--pwn-decryptor=PATH', '<Optional - Out-of-Band YAML File with :key && :iv>') do |d|
+    opts[:pwn_decryptor_path] = d
   end
 end.parse!
 

data/bin/pwn_sast

@@ -11,6 +11,15 @@ OptionParser.new do |options|
     #{File.basename($PROGRAM_NAME)} [opts]
   "
 
+  # TODO: HOW TO LOAD THE pwn.yaml CONFIGURATION FILE FOR EVERYTHING UNLESS OVERRIDDEN???
+  options.on('-YPATH', '--pwn-config=PATH', '<Optional - PWN YAML File>') do |p|
+    opts[:pwn_config_path] = p
+  end
+
+  options.on('-ZPATH', '--pwn-decryptor=PATH', '<Optional - Out-of-Band YAML File with :key && :iv>') do |d|
+    opts[:pwn_decryptor_path] = d
+  end
+
   options.on('-uGITURI', '--uri-source-root=GITURI', '<Required - HTTP URI of Git Repo Scanned e.g. https://github.com/0dayInc/pwn/tree/master>') do |u|
     opts[:uri_source_root] = u
   end
@@ -35,30 +44,6 @@ OptionParser.new do |options|
     opts[:report_name] = n
   end
 
-  options.on('-aENGINE', '--ai-engine=ENGINE', '<Optional AI Engine to Analyze Results (grok, ollama, openai) [WARNING: CAN DRAMATICALLY INCREASE AI USAGE COSTS AND/OR SCAN DURATIONS]>') do |a|
-    opts[:ai_engine] = a
-  end
-
-  options.on('-bURI', '--ai-base-uri=URI', '<Optional AI Base API URI (Only Required for "ollama" AI Engine.  Supported by other LLMs when hosted privately)>') do |b|
-    opts[:ai_base_uri] = b
-  end
-
-  options.on('-mMODEL', '--ai-model=MODEL', '<Optional AI Model to Use for Respective AI Engine (e.g., grok-4-0709, grok-3-mini-fast, gpt5-chat-latest, chargpt-4o-latest, llama-3.1, etc.)>') do |m|
-    opts[:ai_model] = m
-  end
-
-  options.on('-kTOKEN', '--ai-key=TOKEN', '<Optional AI Key/Token for Respective AI Engine>') do |k|
-    opts[:ai_key] = k
-  end
-
-  options.on('-SCONTENT', '--ai-system-content=CONTENT', '<Optional AI System Role Content for Respective AI Engine (Defaults to, "Confidence score of 0-10 this is vulnerable (0 being not vulnerable, moving upwards in confidence of exploitation). Provide additional context to assist penetration tester assessment.")>') do |s|
-    opts[:ai_system_role_content] = s
-  end
-
-  options.on('-FTEMP', '--ai-temp=TEMP', '<Optional AI Temperature for Respective AI Engine (Default 0.9)>') do |t|
-    opts[:ai_temp] = t
-  end
-
   options.on('-s', '--[no-]start-reporting-server', '<Optional - Start Simple HTTP Server for Reporting>') do |s|
     opts[:start_reporting_server] = s
   end
@@ -71,6 +56,16 @@ end
 
 begin
   timestamp = Time.now.strftime('%Y-%m-%d_%H:%M:%S%z')
+
+  pwn_config_path = opts[:pwn_config_path]
+  pwn_decryptor_path = opts[:pwn_decryptor_path]
+  if pwn_config_path
+    PWN::Config.refresh(
+      pwn_config_path: pwn_config_path,
+      pwn_decryptor_path: pwn_decryptor_path
+    )
+  end
+
   previous_dir = Dir.pwd
 
   pwn_provider = 'ruby-gem'
@@ -95,23 +90,6 @@ begin
   report_name ||= "#{File.basename(Dir.pwd)}-#{timestamp}" if dir_path == '.'
   report_name ||= "#{File.basename(dir_path)}-#{timestamp}" unless dir_path == '.'
 
-  ai_engine = opts[:ai_engine]
-  if ai_engine
-    ai_engine = ai_engine.to_s.to_sym
-    valid_ai_engines = %i[grok ollama openai]
-    raise "ERROR: Invalid AI Engine. Valid options are: #{valid_ai_engines.join(', ')}" unless valid_ai_engines.include?(ai_engine)
-
-    ai_base_uri = opts[:ai_base_uri]
-    raise 'ERROR: --base-uri Parameter for Ollama AI engine is required.' if ai_engine == :ollama && ai_base_uri.nil?
-
-    ai_model = opts[:ai_model]
-    raise 'ERROR: AI Model is required for AI engine ollama.' if ai_engine == :ollama && ai_model.nil?
-
-    ai_key = opts[:ai_key] ||= PWN::Plugins::AuthenticationHelper.mask_password(prompt: "#{ai_engine} Token")
-    ai_system_role_content = opts[:ai_system_role_content]
-    ai_temp = opts[:ai_temp]
-  end
-
   start_reporting_server = opts[:start_reporting_server]
 
   # Define Test Cases to Run & Start Thread Pool
@@ -202,13 +180,7 @@ begin
   PWN::Reports::SAST.generate(
     dir_path: dir_path,
     results_hash: results_hash,
-    report_name: report_name,
-    ai_engine: ai_engine,
-    ai_model: ai_model,
-    ai_key: ai_key,
-    ai_base_uri: ai_base_uri,
-    ai_system_role_content: ai_system_role_content,
-    ai_temp: ai_temp
+    report_name: report_name
   )
   puts 'complete.'
 

data/etc/pwn.yaml.EXAMPLE

@@ -1,7 +1,33 @@
 # Drop this file in $HOME/.pwn/pwn.yaml
 # Use PWN::Plugins::Vault.create(file: 'pwn.yaml') to encrypt this file
+
 # ai_engine: 'openai' || 'ollama'
-ai_engine: 'grok'
+# WARNING::
+# If PWN::CONFIG[:ai][:instrospection] = true, the active ai agent will be used
+# wherever possible throughout pwn. Proceeds with caution, as this may incur additional costs
+ai:
+  active: 'grok'
+  introspection: false
+  grok:
+    base_uri: 'optional - Base URI for Grok - Use private base OR defaults to https://api.x.ai/v1'
+    key: 'required - OpenAI API Key'
+    model: 'optional - Grok model to use'
+    system_role_content: 'You are an ethically hacking OpenAI agent.'
+    temp: 'optional - OpenAI temperature'
+
+  openai:
+    base_uri: 'optional - Base URI for OpenAI - Use private base OR defaults to https://api.openai.com/v1'
+    key: 'required - OpenAI API Key'
+    model: 'optional - OpenAI model to use'
+    system_role_content: 'You are an ethically hacking OpenAI agent.'
+    temp: 'optional - OpenAI temperature'
+
+  ollama:
+    base_uri: 'required - Base URI for Open WebUI - e.g. https://ollama.local'
+    key: 'required - Open WebUI API Key Under Settings  >> Account >> JWT Token'
+    model: 'required - Ollama model to use'
+    system_role_content: 'You are an ethically hacking Ollama agent.'
+    temp: 'optional - Ollama temperature'
 
 # Use PWN::Plugins::Assembly.list_supported_archs to list supported architectures
 asm:
@@ -28,27 +54,6 @@ irc:
 hunter:
   api_key: 'hunter.how API Key'
 
-grok:
-  base_uri: 'optional - Base URI for Grok - Use private base OR defaults to https://api.x.ai/v1'
-  key: 'required - OpenAI API Key'
-  model: 'optional - Grok model to use'
-  system_role_content: 'You are an ethically hacking OpenAI agent.'
-  temp: 'optional - OpenAI temperature'
-
-openai:
-  base_uri: 'optional - Base URI for OpenAI - Use private base OR defaults to https://api.openai.com/v1'
-  key: 'required - OpenAI API Key'
-  model: 'optional - OpenAI model to use'
-  system_role_content: 'You are an ethically hacking OpenAI agent.'
-  temp: 'optional - OpenAI temperature'
-
-ollama:
-  base_uri: 'required - Base URI for Open WebUI - e.g. https://ollama.local'
-  key: 'required - Open WebUI API Key Under Settings  >> Account >> JWT Token'
-  model: 'required - Ollama model to use'
-  system_role_content: 'You are an ethically hacking Ollama agent.'
-  temp: 'optional - Ollama temperature'
-
 meshtastic:
   psks:
     LongFast: 'required - PSK for LongFast channel'

data/lib/pwn/ai/grok.rb

@@ -25,6 +25,13 @@ module PWN
 
       private_class_method def self.grok_rest_call(opts = {})
         token = opts[:token]
+        if token.nil?
+          PWN::Plugins::AuthenticationHelper.mask_password(
+            prompt: 'Grok Key'
+          )
+          PWN::CONFIG[:ai][:grok][:key] = token
+        end
+
         http_method = if opts[:http_method].nil?
                         :get
                       else

data/lib/pwn/ai/ollama.rb

@@ -27,6 +27,13 @@ module PWN
       private_class_method def self.ollama_rest_call(opts = {})
         base_uri = opts[:base_uri]
         token = opts[:token]
+        if token.nil?
+          PWN::Plugins::AuthenticationHelper.mask_password(
+            prompt: 'Ollama Key'
+          )
+          PWN::CONFIG[:ai][:ollama][:key] = token
+        end
+
         http_method = if opts[:http_method].nil?
                         :get
                       else

data/lib/pwn/ai/open_ai.rb

@@ -26,6 +26,13 @@ module PWN
 
       private_class_method def self.open_ai_rest_call(opts = {})
         token = opts[:token]
+        if token.nil?
+          PWN::Plugins::AuthenticationHelper.mask_password(
+            prompt: 'OpenAI Key'
+          )
+          PWN::CONFIG[:ai][:openai][:key] = token
+        end
+
         http_method = if opts[:http_method].nil?
                         :get
                       else

data/lib/pwn/config.rb

@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+
+require 'fileutils'
+require 'yaml'
+
+module PWN
+  # Used to manage PWN configuration settings within PWN drivers.
+  module Config
+    # Supported Method Parameters::
+    # PWN::Config.refresh(
+    #   pwn_config_path: 'optional - Path to pwn.yaml file.  Defaults to ~/.pwn/pwn.yaml',
+    #   pwn_decryptor_path: 'optional - Path to pwn.decryptor.yaml file.  Defaults to ~/.pwn/pwn.decryptor.yaml'
+    # )
+
+    public_class_method def self.refresh(opts = {})
+      pwn_config_root = "#{Dir.home}/.pwn"
+      FileUtils.mkdir_p(pwn_config_root)
+
+      pwn_config_path = opts[:pwn_config_path] ||= "#{pwn_config_root}/pwn.yaml"
+      raise "PWN Config (#{pwn_config_path}) does not exist!" unless File.exist?(pwn_config_path)
+
+      is_encrypted = PWN::Plugins::Vault.file_encrypted?(file: pwn_config_path)
+
+      if is_encrypted
+        pwn_decryptor_path = opts[:pwn_decryptor_path] ||= "#{pwn_config_root}/pwn.decryptor.yaml"
+        raise "PWN Decryptor (#{pwn_decryptor_path}) does not exist!" unless File.exist?(pwn_decryptor_path)
+
+        pwn_decryptor = YAML.load_file(pwn_decryptor_path, symbolize_names: true)
+
+        key = opts[:key] ||= pwn_decryptor[:key] ||= ENV.fetch('PWN_DECRYPTOR_KEY')
+        key = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption Key') if key.nil?
+
+        iv = opts[:iv] ||= pwn_decryptor[:iv] ||= ENV.fetch('PWN_DECRYPTOR_IV')
+        iv = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption IV') if iv.nil?
+
+        config = PWN::Plugins::Vault.dump(
+          file: pwn_config_path,
+          key: key,
+          iv: iv
+        )
+      else
+        config = YAML.load_file(pwn_config_path, symbolize_names: true)
+      end
+
+      valid_ai_engines = %i[
+        grok
+        openai
+        ollama
+      ]
+
+      engine = config[:ai][:active].to_s.downcase.to_sym
+      raise "ERROR: Unsupported AI Engine: #{engine} in #{pwn_config_path}.  Supported AI Engines:\n#{valid_ai_engines.inspect}" unless valid_ai_engines.include?(engine)
+
+      model = config[:ai][engine][:model]
+      system_role_content = config[:ai][engine][:system_role_content]
+
+      # Reset the ai response history on config refresh
+      config[:ai][engine][:response_history] = {
+        id: '',
+        object: '',
+        model: model,
+        usage: {},
+        choices: [
+          {
+            role: 'system',
+            content: system_role_content
+          }
+        ]
+      }
+
+      # These two lines should be immutable for the session
+      config[:pwn_config_path] = pwn_config_path
+      config[:pwn_decryptor_path] = pwn_decryptor_path if is_encrypted
+
+      Pry.config.refresh = false if defined?(Pry)
+
+      PWN.send(:remove_const, :CONFIG) if PWN.const_defined?(:CONFIG)
+      PWN.const_set(:CONFIG, config)
+    end
+  end
+end

data/lib/pwn/plugins/repl.rb

@@ -18,11 +18,7 @@ module PWN
         mode = opts[:mode]
 
         proc do |_target_self, _nest_level, pi|
-          if Pry.config.refresh
-            # puts "Refreshing PWN env via #{opts[:yaml_config_path]}"
-            opts[:pi] = pi
-            PWN::Plugins::Vault.refresh_config_for_repl(opts)
-          end
+          pi.config.pwn = PWN::Config.refresh(opts) if Pry.config.refresh
 
           pi.config.pwn_repl_line += 1
           line_pad = format(
@@ -48,13 +44,13 @@ module PWN
           end
 
           if pi.config.pwn_ai
-            ai_engine = pi.config.pwn[:ai_engine]
-            model = pi.config.pwn[ai_engine][:model]
-            system_role_content = pi.config.pwn[ai_engine][:system_role_content]
-            temp = pi.config.pwn[ai_engine][:temp]
-            pname = "pwn.ai:#{ai_engine}"
-            pname = "pwn.ai:#{ai_engine}/#{model}" if model
-            pname = "pwn.ai:#{ai_engine}/#{model}.SPEAK" if pi.config.pwn_ai_speak
+            engine = pi.config.pwn[:ai][:active].to_s.downcase.to_sym
+            model = pi.config.pwn[:ai][engine][:model]
+            system_role_content = pi.config.pwn[:ai][engine][:system_role_content]
+            temp = pi.config.pwn[:ai][engine][:temp]
+            pname = "pwn.ai:#{engine}"
+            pname = "pwn.ai:#{engine}/#{model}" if model
+            pname = "pwn.ai:#{engine}/#{model}.SPEAK" if pi.config.pwn_ai_speak
             pi.config.prompt_name = pname
 
             name = "\001\e[1m\002\001\e[33m\002#{pi.config.prompt_name}\001\e[0m\002"
@@ -306,12 +302,12 @@ module PWN
                         next unless dm_agent == nick
 
                         response_history = ai_agents[dm_agent.to_sym][:response_history]
-                        ai_engine = pi.config.pwn[:ai_engine]
-                        base_uri = pi.config.pwn[ai_engine][:base_uri]
-                        key = pi.config.pwn[ai_engine][:key] ||= ''
-                        temp = pi.config.pwn[ai_engine][:temp]
-                        model = pi.config.pwn[ai_engine][:model]
-                        system_role_content = pi.config.pwn[ai_engine][:system_role_content]
+                        engine = pi.config.pwn[:ai][:active].to_s.downcase.to_sym
+                        base_uri = pi.config.pwn[:ai][engine][:base_uri]
+                        key = pi.config.pwn[:ai][engine][:key] ||= ''
+                        temp = pi.config.pwn[:ai][engine][:temp]
+                        model = pi.config.pwn[:ai][engine][:model]
+                        system_role_content = pi.config.pwn[:ai][engine][:system_role_content]
 
                         users_in_chan = PWN::Plugins::IRC.names(
                           irc_obj: irc_obj,
@@ -342,7 +338,7 @@ module PWN
                           message.
                         "
 
-                        case ai_engine
+                        case engine
                         when :grok
                           response = PWN::AI::Grok.chat(
                             base_uri: base_uri,
@@ -459,29 +455,29 @@ module PWN
           end
         end
 
-        Pry::Commands.create_command 'pwn-vault-edit' do
+        Pry::Commands.create_command 'pwn-vault' do
           description 'Edit the pwn.yaml configuration file.'
 
           def process
             pi = pry_instance
-            yaml_config_path = pi.config.yaml_config_path ||= "#{Dir.home}/.pwn/pwn.yaml"
-            unless File.exist?(yaml_config_path)
-              puts "ERROR: pwn.yaml not found: #{yaml_config_path}"
+            pwn_config_path = pi.config.pwn_config_path ||= "#{Dir.home}/.pwn/pwn.yaml"
+            unless File.exist?(pwn_config_path)
+              puts "ERROR: pwn.yaml not found: #{pwn_config_path}"
               return
             end
 
-            yaml_decryptor_path = pi.config.yaml_decryptor_path ||= "#{Dir.home}/.pwn/pwn.decryptor.yaml"
-            unless File.exist?(yaml_decryptor_path)
-              puts "ERROR: pwn.decryptor.yaml not found: #{yaml_decryptor_path}"
+            pwn_decryptor_path = pi.config.pwn_decryptor_path ||= "#{Dir.home}/.pwn/pwn.decryptor.yaml"
+            unless File.exist?(pwn_decryptor_path)
+              puts "ERROR: pwn.decryptor.yaml not found: #{pwn_decryptor_path}"
               return
             end
 
-            decryptor = YAML.load_file(yaml_decryptor_path, symbolize_names: true)
+            decryptor = YAML.load_file(pwn_decryptor_path, symbolize_names: true)
             key = decryptor[:key]
             iv = decryptor[:iv]
 
             PWN::Plugins::Vault.edit(
-              file: yaml_config_path,
+              file: pwn_config_path,
               key: key,
               iv: iv
             )
@@ -539,9 +535,7 @@ module PWN
 
         # Initialize pwn.yaml Configuration using :before_session Hook
         Pry.config.hooks.add_hook(:before_session, :init_opts) do |_output, _binding, pi|
-          # puts "Refreshing PWN env via #{opts[:yaml_config_path]}"
-          opts[:pi] = pi
-          PWN::Plugins::Vault.refresh_config_for_repl(opts)
+          pi.config.pwn = PWN::Config.refresh(opts)
         end
 
         Pry.config.hooks.add_hook(:after_read, :pwn_asm_hook) do |request, pi|
@@ -585,23 +579,16 @@ module PWN
           if pi.config.pwn_ai && !request.chomp.empty?
             request = pi.input.line_buffer.to_s
             debug = pi.config.pwn_ai_debug
-            ai_engine = pi.config.pwn[:ai_engine]
-            base_uri = pi.config.pwn[ai_engine][:base_uri]
-            key = pi.config.pwn[ai_engine][:key] ||= ''
-            if key.empty?
-              key = PWN::Plugins::AuthenticationHelper.mask_password(
-                prompt: 'pwn-ai Key'
-              )
-              pi.config.pwn[ai_engine][:key] = key
-            end
-
-            response_history = pi.config.pwn_ai_response_history
+            engine = pi.config.pwn[:ai][:active].to_s.downcase.to_sym
+            base_uri = pi.config.pwn[:ai][engine][:base_uri]
+            key = pi.config.pwn[:ai][engine][:key] ||= ''
+            response_history = pi.config.pwn[:ai][engine][:response_history]
             speak_answer = pi.config.pwn_ai_speak
-            model = pi.config.pwn[ai_engine][:model]
-            system_role_content = pi.config.pwn[ai_engine][:system_role_content]
-            temp = pi.config.pwn[ai_engine][:temp]
+            model = pi.config.pwn[:ai][engine][:model]
+            system_role_content = pi.config.pwn[:ai][engine][:system_role_content]
+            temp = pi.config.pwn[:ai][engine][:temp]
 
-            case ai_engine
+            case engine
             when :grok
               response = PWN::AI::Grok.chat(
                 base_uri: base_uri,
@@ -639,7 +626,7 @@ module PWN
                 spinner: true
               )
             else
-              raise "ERROR: Unsupported AI Engine: #{ai_engine}"
+              raise "ERROR: Unsupported AI Engine: #{engine}"
             end
             # puts response.inspect
 
@@ -668,7 +655,7 @@ module PWN
               pp response_history
               puts "\nresponse_history[:choices] Length: #{response_history[:choices].length}\n" unless response_history.nil?
             end
-            pi.config.pwn_ai_response_history = response_history
+            pi.config.pwn[:ai][engine][:response_history] = response_history
           end
         end
       rescue StandardError => e
@@ -683,13 +670,10 @@ module PWN
       public_class_method def self.start(opts = {})
         # Monkey Patch Pry, add commands, && hooks
         PWN::Plugins::MonkeyPatch.pry
-        add_commands
-
         pwn_config_root = "#{Dir.home}/.pwn"
-        FileUtils.mkdir_p(pwn_config_root)
-        opts[:yaml_config_path] ||= "#{pwn_config_root}/pwn.yaml"
-        opts[:yaml_decryptor_path] ||= "#{pwn_config_root}/pwn.decryptor.yaml"
+        Pry.config.history_file = "#{pwn_config_root}/pwn_history"
 
+        add_commands
         add_hooks(opts)
 
         # Define PS1 Prompt

data/lib/pwn/plugins/vault.rb

@@ -15,7 +15,7 @@ module PWN
       #   iv: 'required - iv to decrypt'
       # )
 
-      def self.refresh_encryption_secrets(opts = {})
+      public_class_method def self.refresh_encryption_secrets(opts = {})
         file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
         key = opts[:key]
         iv = opts[:iv]
@@ -234,84 +234,6 @@ module PWN
         raise e
       end
 
-      # Supported Method Parameters::
-      # PWN::Plugins::Vault.refresh_config_for_repl(
-      #    yaml_config_path: 'required - full path to pwn.yaml file',
-      #    pi: 'optional - Pry instance (default: Pry)',
-      #    yaml_decryptor_path: 'optional - full path to decryption YAML file'
-      #  )
-      public_class_method def self.refresh_config_for_repl(opts = {})
-        yaml_config_path = opts[:yaml_config_path]
-
-        return false unless File.exist?(yaml_config_path)
-
-        pi = opts[:pi]
-        raise 'ERROR: Pry instance is required.' if pi.nil?
-
-        is_encrypted = PWN::Plugins::Vault.file_encrypted?(file: yaml_config_path)
-
-        if is_encrypted
-          # TODO: Implement "something you know, something you have, && something you are?"
-          yaml_decryptor_path = opts[:yaml_decryptor_path] ||= "#{Dir.home}/.pwn/pwn.decryptor.yaml"
-          raise "ERROR: #{yaml_decryptor_path} does not exist." unless File.exist?(yaml_decryptor_path)
-
-          yaml_decryptor = YAML.load_file(yaml_decryptor_path, symbolize_names: true)
-
-          key = opts[:key] ||= yaml_decryptor[:key] ||= ENV.fetch('PWN_DECRYPTOR_KEY')
-          key = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption Key') if key.nil?
-
-          iv = opts[:iv] ||= yaml_decryptor[:iv] ||= ENV.fetch('PWN_DECRYPTOR_IV')
-          iv = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption IV') if iv.nil?
-
-          yaml_config = PWN::Plugins::Vault.dump(
-            file: yaml_config_path,
-            key: key,
-            iv: iv
-          )
-        else
-          yaml_config = YAML.load_file(yaml_config_path, symbolize_names: true)
-        end
-
-        valid_ai_engines = %i[
-          grok
-          openai
-          ollama
-        ]
-
-        # Convert ai_engine to symbol and downcase to ensure stability
-        yaml_config[:ai_engine] = yaml_config[:ai_engine].to_s.downcase.to_sym
-        pi.config.pwn = yaml_config
-        ai_engine = pi.config.pwn[:ai_engine]
-        raise "ERROR: Unsupported AI Engine: #{ai_engine} in #{yaml_config_path}.  Supported AI Engines:\n#{valid_ai_engines.inspect}" unless valid_ai_engines.include?(ai_engine)
-
-        model = pi.config.pwn[ai_engine][:model]
-        system_role_content = pi.config.pwn[ai_engine][:system_role_content]
-
-        # Reset the ai response history for new configurations
-        pi.config.pwn_ai_response_history = {
-          id: '',
-          object: '',
-          model: model,
-          usage: {},
-          choices: [
-            {
-              role: 'system',
-              content: system_role_content
-            }
-          ]
-        }
-
-        # These two lines should be immutable for the session
-        pi.config.pwn[:yaml_config_path] = yaml_config_path
-        pi.config.pwn[:yaml_decryptor_path] = yaml_decryptor_path if is_encrypted
-
-        Pry.config.refresh = false
-
-        true
-      rescue StandardError => e
-        raise e
-      end
-
       # Author(s):: 0day Inc. <support@0dayinc.com>
 
       public_class_method def self.authors
@@ -364,12 +286,6 @@ module PWN
             file: 'required - file to check if encrypted'
           )
 
-          #{self}.refresh_config_for_repl(
-            yaml_config_path: 'required - full path to pwn.yaml file',
-            pi: 'optional - Pry instance (default: Pry)',
-            yaml_decryptor_path: 'optional - full path to decryption YAML file'
-          )
-
           #{self}.authors
         "
       end

data/lib/pwn/reports/sast.rb

@@ -14,13 +14,7 @@ module PWN
       # PWN::Reports::SAST.generate(
       #   dir_path: 'optional - Directory path to save the report (defaults to .)',
       #   results_hash: 'optional - Hash containing the results of the SAST analysis (defaults to empty hash structure)',
-      #   report_name: 'optional - Name of the report file (defaults to current directory name)',
-      #   ai_engine: 'optional - AI engine to use for analysis (:grok, :ollama, or :openai)',
-      #   ai_model: 'optionnal - AI Model to Use for Respective AI Engine (e.g., grok-4i-0709, chargpt-4o-latest, llama-3.1, etc.)',
-      #   ai_key: 'optional -  AI Key/Token for Respective AI Engine',
-      #   ai_base_uri: 'optional -  AI FQDN (Only Required for "ollama" AI Engine)',
-      #   ai_system_role_content: 'optional - AI System Role Content (Defaults to "Confidence score of 0-10 this is vulnerable (0 being not vulnerable, moving upwards in confidence of exploitation). Provide additional context to assist penetration tester assessment.")',
-      #   ai_temp: 'optional - AI Temperature (Defaults to 0.1)'
+      #   report_name: 'optional - Name of the report file (defaults to current directory name)'
       # )
 
       public_class_method def self.generate(opts = {})
@@ -31,28 +25,21 @@ module PWN
         }
         report_name = opts[:report_name] ||= File.basename(Dir.pwd)
 
-        ai_engine = opts[:ai_engine]
-        if ai_engine
-          ai_engine = ai_engine.to_s.to_sym
-          valid_ai_engines = %i[grok ollama openai]
-          raise "ERROR: Invalid AI Engine. Valid options are: #{valid_ai_engines.join(', ')}" unless valid_ai_engines.include?(ai_engine)
+        ai_instrospection = PWN::CONFIG[:ai][:introspection]
+        if ai_instrospection
+          engine = PWN::CONFIG[:ai][:active].to_s.downcase.to_sym
+          base_uri = PWN::CONFIG[:ai][engine][:base_uri]
+          model = PWN::CONFIG[:ai][engine][:model]
+          key = PWN::CONFIG[:ai][engine][:key]
+          system_role_content = PWN::CONFIG[:ai][engine][:system_role_content]
+          temp = PWN::CONFIG[:ai][engine][:temp]
 
-          ai_base_uri = opts[:ai_base_uri]
-          raise 'ERROR: FQDN for Ollama AI engine is required.' if ai_engine == :ollama && ai_base_uri.nil?
-
-          ai_model = opts[:ai_model]
-          raise 'ERROR: AI Model is required for AI engine ollama.' if ai_engine == :ollama && ai_model.nil?
-
-          ai_key = opts[:ai_key] ||= PWN::Plugins::AuthenticationHelper.mask_password(prompt: "#{ai_engine} Token")
-          ai_system_role_content = opts[:ai_system_role_content] ||= 'Your sole purpose is to analyze source code snippets and generate an Exploit Prediction Scoring System (EPSS) score between 0% - 100%.  Just generate a score unless score is higher than 75% in which a code fic should also be included.'
-          ai_temp = opts[:ai_temp] ||= 0.1
-
-          puts "Analyzing source code using AI engine: #{ai_engine}\nModel: #{ai_model}\nSystem Role Content: #{ai_system_role_content}\nTemperature: #{ai_temp}"
+          puts "Analyzing source code using AI engine: #{engine}\nModel: #{model}\nSystem Role Content: #{system_role_content}\nTemperature: #{temp}"
         end
 
         # Calculate percentage of AI analysis based on the number of entries
         total_entries = results_hash[:data].sum { |entry| entry[:line_no_and_contents].size }
-        puts "Total entries to analyze: #{total_entries}" if ai_engine
+        puts "Total entries to analyze: #{total_entries}" if engine
 
         percent_complete = 0.0
         entry_count = 0
@@ -79,37 +66,39 @@ module PWN
             response = nil
             author = src_detail[:author].to_s.scrub.chomp.strip
 
-            case ai_engine
-            when :grok
-              response = PWN::AI::Grok.chat(
-                base_uri: ai_base_uri,
-                token: ai_key,
-                model: ai_model,
-                system_role_content: ai_system_role_content,
-                temp: ai_temp,
-                request: request.chomp,
-                spinner: false
-              )
-            when :ollama
-              response = PWN::AI::Ollama.chat(
-                base_uri: ai_base_uri,
-                token: ai_key,
-                model: ai_model,
-                system_role_content: ai_system_role_content,
-                temp: ai_temp,
-                request: request.chomp,
-                spinner: false
-              )
-            when :openai
-              response = PWN::AI::OpenAI.chat(
-                base_uri: ai_base_uri,
-                token: ai_key,
-                model: ai_model,
-                system_role_content: ai_system_role_content,
-                temp: ai_temp,
-                request: request.chomp,
-                spinner: false
-              )
+            if ai_instrospection
+              case engine
+              when :grok
+                response = PWN::AI::Grok.chat(
+                  base_uri: base_uri,
+                  token: key,
+                  model: model,
+                  system_role_content: system_role_content,
+                  temp: temp,
+                  request: request.chomp,
+                  spinner: false
+                )
+              when :ollama
+                response = PWN::AI::Ollama.chat(
+                  base_uri: base_uri,
+                  token: key,
+                  model: model,
+                  system_role_content: system_role_content,
+                  temp: temp,
+                  request: request.chomp,
+                  spinner: false
+                )
+              when :openai
+                response = PWN::AI::OpenAI.chat(
+                  base_uri: base_uri,
+                  token: key,
+                  model: model,
+                  system_role_content: system_role_content,
+                  temp: temp,
+                  request: request.chomp,
+                  spinner: false
+                )
+              end
             end
 
             ai_analysis = nil
@@ -118,6 +107,7 @@ module PWN
               ai_analysis = response[:choices].last[:content] if response[:choices].last.keys.include?(:content)
               # puts "AI Analysis Progress: #{percent_complete}% Line: #{line_no} | Author: #{author} | AI Analysis: #{ai_analysis}\n\n\n" if ai_analysis
             end
+            # TODO: Make results prettier in the HTML report
             src_detail[:ai_analysis] = ai_analysis.to_s.scrub.chomp.strip
 
             spin.update(

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.428'
+  VERSION = '0.5.430'
 end

data/lib/pwn.rb

@@ -12,19 +12,22 @@ module PWN
   autoload :AWS, 'pwn/aws'
   autoload :Banner, 'pwn/banner'
   autoload :Blockchain, 'pwn/blockchain'
+  autoload :Config, 'pwn/config'
   autoload :FFI, 'pwn/ffi'
   autoload :Plugins, 'pwn/plugins'
   autoload :Reports, 'pwn/reports'
   autoload :SAST, 'pwn/sast'
   autoload :WWW, 'pwn/www'
-  # TODO: If pwn.yaml is present, attempt to decrypt it, and initialize the YAML config
-  # Do this within PWN::Plugins::AuthenticationHelper?
 
   # Display a List of Every PWN Module
 
   public_class_method def self.help
     constants.sort
   end
+
+  # Initialize PWN configuration file
+  # PWN::CONFIG is the constant that stores the configuration data
+  PWN::Config.refresh
 rescue StandardError => e
   puts e.backtrace
   raise e

data/spec/lib/pwn/config_spec.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe PWN::Config do
+  it 'should return data for refresh method' do
+    config_response = PWN::Config.refresh
+    expect(config_response).not_to be_nil
+  end
+end

data/third_party/pwn_rdoc.jsonl

@@ -438,6 +438,17 @@
 {"messages":[{"role":"user","content":"PWN::Banner::WhiteRabbit.authors Usage"},{"role":"assistant","content":"`PWN::Banner::WhiteRabbit.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
 {"messages":[{"role":"user","content":"PWN::Banner::WhiteRabbit.get Usage"},{"role":"assistant","content":"`PWN::Banner::WhiteRabbit.get`: Supported Method Parameters\n\nPWN::Banner::WhiteRabbit.get\n"}]}
 {"messages":[{"role":"user","content":"PWN::Banner::WhiteRabbit.help Usage"},{"role":"assistant","content":"`PWN::Banner::WhiteRabbit.help`: "}]}
+{"messages":[{"role":"user","content":"PWN::Blockchain.help Usage"},{"role":"assistant","content":"`PWN::Blockchain.help`: "}]}
+{"messages":[{"role":"user","content":"PWN::Blockchain::BTC.authors Usage"},{"role":"assistant","content":"`PWN::Blockchain::BTC.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
+{"messages":[{"role":"user","content":"PWN::Blockchain::BTC.btc_rest_call Usage"},{"role":"assistant","content":"`PWN::Blockchain::BTC.btc_rest_call`: Supported Method Parameters\n\nbtc_rest_call(\n\nhttp_method: 'optional HTTP method (defaults to GET)\nrest_call: 'required rest call to make per the schema',\nparams: 'optional params passed in the URI or HTTP Headers',\nhttp_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST',\ntimeout: 'optional timeout in seconds (defaults to 180)',\nspinner: 'optional - display spinner (defaults to false)'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Blockchain::BTC.get_block_details Usage"},{"role":"assistant","content":"`PWN::Blockchain::BTC.get_block_details`: Supported Method Parameters\n\nPWN::Blockchain::BTC.get_block_details(\n\nheight: 'required - block height number',\ntoken: 'optional - API token for higher rate limits'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Blockchain::BTC.get_latest_block Usage"},{"role":"assistant","content":"`PWN::Blockchain::BTC.get_latest_block`: Supported Method Parameters\n\nlatest_block = PWN::Blockchain::BTC.get_latest_block(\n\ntoken: 'optional - API token for higher rate limits'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Blockchain::BTC.help Usage"},{"role":"assistant","content":"`PWN::Blockchain::BTC.help`: "}]}
+{"messages":[{"role":"user","content":"PWN::Blockchain::ETH.authors Usage"},{"role":"assistant","content":"`PWN::Blockchain::ETH.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
+{"messages":[{"role":"user","content":"PWN::Blockchain::ETH.eth_rest_call Usage"},{"role":"assistant","content":"`PWN::Blockchain::ETH.eth_rest_call`: Supported Method Parameters\n\neth_rest_call(\n\nhttp_method: 'optional HTTP method (defaults to GET)\nrest_call: 'required rest call to make per the schema',\nparams: 'optional params passed in the URI or HTTP Headers',\nhttp_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST',\ntimeout: 'optional timeout in seconds (defaults to 180)',\nspinner: 'optional - display spinner (defaults to false)'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Blockchain::ETH.get_block_details Usage"},{"role":"assistant","content":"`PWN::Blockchain::ETH.get_block_details`: Supported Method Parameters\n\nPWN::Blockchain::ETH.get_block_details(\n\nheight: 'required - block height number',\ntoken: 'optional - API token for higher rate limits'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Blockchain::ETH.get_latest_block Usage"},{"role":"assistant","content":"`PWN::Blockchain::ETH.get_latest_block`: Supported Method Parameters\n\nlatest_block = PWN::Blockchain::ETH.get_latest_block(\n\ntoken: 'optional - API token for higher rate limits'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Blockchain::ETH.help Usage"},{"role":"assistant","content":"`PWN::Blockchain::ETH.help`: "}]}
 {"messages":[{"role":"user","content":"PWN::FFI.help Usage"},{"role":"assistant","content":"`PWN::FFI.help`: "}]}
 {"messages":[{"role":"user","content":"PWN::FFI::Stdio.authors Usage"},{"role":"assistant","content":"`PWN::FFI::Stdio.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
 {"messages":[{"role":"user","content":"PWN::FFI::Stdio.help Usage"},{"role":"assistant","content":"`PWN::FFI::Stdio.help`: "}]}
@@ -1023,7 +1034,7 @@
 {"messages":[{"role":"user","content":"PWN::Plugins::Vault.encrypt Usage"},{"role":"assistant","content":"`PWN::Plugins::Vault.encrypt`: Supported Method Parameters\n\nPWN::Plugins::Vault.encrypt(\n\nfile: 'required - file to encrypt',\nkey: 'required - key to decrypt',\niv: 'required - iv to decrypt'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Vault.file_encrypted? Usage"},{"role":"assistant","content":"`PWN::Plugins::Vault.file_encrypted?`: Supported Method Parameters\n\nPWN::Plugins::Vault.file_encrypted?(\n\nfile: 'required - file to check if encrypted'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Vault.help Usage"},{"role":"assistant","content":"`PWN::Plugins::Vault.help`: "}]}
-{"messages":[{"role":"user","content":"PWN::Plugins::Vault.refresh_config_for_repl Usage"},{"role":"assistant","content":"`PWN::Plugins::Vault.refresh_config_for_repl`: Supported Method Parameters\n\nPWN::Plugins::Vault.refresh_config_for_repl(\n\n  yaml_config_path: 'required - full path to pwn.yaml file',\n  pi: 'optional - Pry instance (default: Pry)',\n  decryption_file: 'optional - full path to decryption YAML file'\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Plugins::Vault.refresh_config_for_repl Usage"},{"role":"assistant","content":"`PWN::Plugins::Vault.refresh_config_for_repl`: Supported Method Parameters\n\nPWN::Plugins::Vault.refresh_config_for_repl(\n\n  yaml_config_path: 'required - full path to pwn.yaml file',\n  pi: 'optional - Pry instance (default: Pry)',\n  yaml_decryptor_path: 'optional - full path to decryption YAML file'\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Vault.refresh_encryption_secrets Usage"},{"role":"assistant","content":"`PWN::Plugins::Vault.refresh_encryption_secrets`: Supported Method Parameters\n\nPWN::Plugins::Vault.refresh_encryption_secrets(\n\nfile: 'required - file to encrypt with new key and iv',\nkey: 'required - key to decrypt',\niv: 'required - iv to decrypt'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Voice.authors Usage"},{"role":"assistant","content":"`PWN::Plugins::Voice.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Voice.help Usage"},{"role":"assistant","content":"`PWN::Plugins::Voice.help`: "}]}

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.428
+  version: 0.5.430
 platform: ruby
 authors:
 - 0day Inc.
@@ -477,14 +477,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.0.2
+        version: 2.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.0.2
+        version: 2.0.0
 - !ruby/object:Gem::Dependency
   name: mail
   requirement: !ruby/object:Gem::Requirement
@@ -1832,6 +1832,7 @@ files:
 - lib/pwn/blockchain.rb
 - lib/pwn/blockchain/btc.rb
 - lib/pwn/blockchain/eth.rb
+- lib/pwn/config.rb
 - lib/pwn/ffi.rb
 - lib/pwn/ffi/stdio.rb
 - lib/pwn/plugins.rb
@@ -2180,6 +2181,7 @@ files:
 - spec/lib/pwn/blockchain/btc_spec.rb
 - spec/lib/pwn/blockchain/eth_spec.rb
 - spec/lib/pwn/blockchain_spec.rb
+- spec/lib/pwn/config_spec.rb
 - spec/lib/pwn/ffi/stdio_spec.rb
 - spec/lib/pwn/ffi_spec.rb
 - spec/lib/pwn/plugins/android_spec.rb